<?
require_once('./lib/authentication.lib.php');
?>

<HTML>
<HEAD>
</HEAD>
<BODY>

<?

if (isset($_POST["user"]) and isset($_POST["pass"]))
{
	$user = mysql_escape_string($_POST["user"]);
	$pass = mysql_escape_string($_POST["pass"]);

	$query = "SELECT `pass` FROM `User` WHERE `login` = '$user';";
	$result = mysql_query($query);

	if ($row = mysql_fetch_assoc($result))
	{
		if ($row["pass"] == $pass)
		{
			$_SESSION["user"] = $user;
			?>
			<SCRIPT><!--
                        window.opener.location.reload();
			window.close();
			--></SCRIPT>
			<?
			exit();
		}
	}

	echo "<H3>Login failed</H3>\n";
}

	?>
	<FORM ACTION="login.php" METHOD="post">
	<P>User: <INPUT TYPE="text" NAME="user">
	<P>Pass: <INPUT TYPE="password" NAME="pass">
	<P><INPUT TYPE="submit" VALUE="Send">
</BODY></HTML>
